1. class
  2. Concrete
  3. \
  4. Core
  5. \
  6. Permission
  7. \
  8. IpAccessControlService

IpAccessControlService

class IpAccessControlService implements LoggerAwareInterface (View source)

Traits

LoggerAwareTrait

Trait LoggerAwareTrait A trait used with LoggerAwareInterface

LoggerAwareTrait

Constants

IPRANGEFLAG_BLACKLIST

Bit mask for denylist ranges.
IPRANGEFLAG_WHITELIST

Bit mask for allowlist ranges.
IPRANGEFLAG_MANUAL

Bit mask for manually generated ranges.
IPRANGEFLAG_AUTOMATIC

Bit mask for automatically generated ranges.
IPRANGETYPE_BLACKLIST_MANUAL

IP range type: manually added to the denylist.
IPRANGETYPE_BLACKLIST_AUTOMATIC

IP range type: automatically added to the denylist.
IPRANGETYPE_WHITELIST_MANUAL

IP range type: manually added to the allowlist.

Properties

protected EntityManagerInterface $em
protected Site $site
protected IpAccessControlCategory $category

The IP Access Control Category.
protected AddressInterface $defaultIpAddress

Methods

getLoggerChannel()

No description

__construct(EntityManagerInterface $em, Site $site, IpAccessControlCategory $category, AddressInterface $defaultIpAddress)

Initialize the instance.

IpAccessControlCategory
getCategory()

Get the IP Access Control Category.

bool
isBlacklisted(AddressInterface $ipAddress = null) deprecated

No description

bool
isDenylisted(AddressInterface $ipAddress = null)

Check if an IP address is denylisted.

bool
isWhitelisted(AddressInterface $ipAddress = null) deprecated

No description

bool
isAllowlisted(AddressInterface $ipAddress = null)

Check if an IP address is allowlisted.

IpAccessControlEvent|null
registerEvent(AddressInterface $ipAddress = null, bool $evenIfDisabled = false)

Create and save an IP Access Control Event.

IpAccessControlEvent|null
registerEventAt(DateTime $dateTime, AddressInterface|null $ipAddress = null, bool $evenIfDisabled = false)

Create and save an IP Access Control Event at a specific date/time.

int
getEventsCount(AddressInterface|null $ipAddress = null)

Get the number of events registered (in the time window if it's not null, or any events if null).

DateTimeImmutable|null
getLastEvent(AddressInterface|null $ipAddress = null)

Get the date/time of the last registered events (in the time window if it's not null, or any events if null).

bool
isThresholdReached(AddressInterface $ipAddress = null, bool $evenIfDisabled = false)

Check if the IP address has reached the threshold.

IpAccessControlRange|null
addToDenylistForThresholdReached(AddressInterface $ipAddress = null, bool $evenIfDisabled = false)

Add an IP address to the list of denylisted IP address when too many events occur.

IpAccessControlRange
createRange(RangeInterface $range, int $type, DateTime $expiration = null)

Add persist an IP address range type.

Collection|IpAccessControlRange[]
getRanges(int $type, bool $includeExpired = false)

Get the list of currently available ranges.

getRangeByID(int $id)

Get a saved range for this category given its ID.

deleteRange(IpAccessControlRange|int $range)

Delete a saved range given its instance or its ID.

int
deleteEvents(int|null $minAge = null)

Delete the recorded events.

int
deleteEventsFor(AddressInterface|null $ipAddress = null, int|null $minAge = null)

Delete the recorded events.

int
deleteAutomaticDenylist(bool $onlyExpired = true)

Clear the IP addresses automatically denylisted.

string
getErrorMessage()

Get the (localized) message telling the users that their IP address has been banned.

IpAccessControlRange|null
getRange(AddressInterface $ipAddress = null)

No description

Details

at line 569
getLoggerChannel()

No description

See also

LoggerAwareInterface::getLoggerChannel

at line 102
__construct(EntityManagerInterface $em, Site $site, IpAccessControlCategory $category, AddressInterface $defaultIpAddress)

Initialize the instance.

Parameters

EntityManagerInterface $em
Site $site
IpAccessControlCategory $category
AddressInterface $defaultIpAddress

at line 115
IpAccessControlCategory getCategory()

Get the IP Access Control Category.

Return Value

IpAccessControlCategory

at line 129
bool isBlacklisted(AddressInterface $ipAddress = null) deprecated

deprecated Check if an IP address is denylisted.

No description

Parameters

AddressInterface $ipAddress

Return Value

bool

at line 141
bool isDenylisted(AddressInterface $ipAddress = null)

Check if an IP address is denylisted.

Parameters

AddressInterface $ipAddress

Return Value

bool

at line 157
bool isWhitelisted(AddressInterface $ipAddress = null) deprecated

deprecated Check if an IP address is allowlisted.

No description

Parameters

AddressInterface $ipAddress

Return Value

bool

at line 169
bool isAllowlisted(AddressInterface $ipAddress = null)

Check if an IP address is allowlisted.

Parameters

AddressInterface $ipAddress

Return Value

bool

at line 184
IpAccessControlEvent|null registerEvent(AddressInterface $ipAddress = null, bool $evenIfDisabled = false)

Create and save an IP Access Control Event.

Parameters

AddressInterface $ipAddress

the IP address to be recorded (if NULL we'll use the current one)
bool $evenIfDisabled

create the event even if the category is disabled?

Return Value

IpAccessControlEvent|null

at line 198
IpAccessControlEvent|null registerEventAt(DateTime $dateTime, AddressInterface|null $ipAddress = null, bool $evenIfDisabled = false)

Create and save an IP Access Control Event at a specific date/time.

Parameters

DateTime $dateTime

the date/time of the event
AddressInterface|null $ipAddress

the IP address to be recorded (if NULL we'll use the current one)
bool $evenIfDisabled

create the event even if the category is disabled?

Return Value

IpAccessControlEvent|null

return NULL if the category is disabled and $evenIfDisabled is false, the created event otherwise

at line 221
int getEventsCount(AddressInterface|null $ipAddress = null)

Get the number of events registered (in the time window if it's not null, or any events if null).

Parameters

AddressInterface|null $ipAddress

the IP address to be checked (if null we'll use the current IP address)

Return Value

int

at line 263
DateTimeImmutable|null getLastEvent(AddressInterface|null $ipAddress = null)

Get the date/time of the last registered events (in the time window if it's not null, or any events if null).

Parameters

AddressInterface|null $ipAddress

the IP address to be checked (if null we'll use the current IP address)

Return Value

DateTimeImmutable|null

at line 312
bool isThresholdReached(AddressInterface $ipAddress = null, bool $evenIfDisabled = false)

Check if the IP address has reached the threshold.

Parameters

AddressInterface $ipAddress

the IP address to be checked (if null we'll use the current IP address)
bool $evenIfDisabled

Return Value

bool

at line 358
IpAccessControlRange|null addToDenylistForThresholdReached(AddressInterface $ipAddress = null, bool $evenIfDisabled = false)

Add an IP address to the list of denylisted IP address when too many events occur.

Parameters

AddressInterface $ipAddress

the IP to add to the denylist (if null, we'll use the current IP address)
bool $evenIfDisabled

if set to true, we'll add the IP address even if the IP ban system is disabled in the configuration

Return Value

IpAccessControlRange|null

at line 400
IpAccessControlRange createRange(RangeInterface $range, int $type, DateTime $expiration = null)

Add persist an IP address range type.

Parameters

RangeInterface $range

the IP address range to persist
int $type

The range type (one of the IpAccessControlService::IPRANGETYPE_... constants)
DateTime $expiration

The optional expiration of the range type

Return Value

IpAccessControlRange

at line 424
Collection|IpAccessControlRange[] getRanges(int $type, bool $includeExpired = false)

Get the list of currently available ranges.

Parameters

int $type

(one of the IPService::IPRANGETYPE_... constants)
bool $includeExpired

Include expired records?

Return Value

Collection|IpAccessControlRange[]

at line 448
getRangeByID(int $id)

Get a saved range for this category given its ID.

Parameters

int $id

\Concrete\Core\Entity\Permission\IpAccessControlRange|null

at line 469
deleteRange(IpAccessControlRange|int $range)

Delete a saved range given its instance or its ID.

Parameters

IpAccessControlRange|int $range

at line 486
int deleteEvents(int|null $minAge = null)

Delete the recorded events.

Parameters

int|null $minAge

the minimum age (in seconds) of the records (specify an empty value to delete all records)

Return Value

int

the number of records deleted

at line 499
int deleteEventsFor(AddressInterface|null $ipAddress = null, int|null $minAge = null)

Delete the recorded events.

Parameters

AddressInterface|null $ipAddress

delete the records for this specific IP address (or for any address if NULL)
int|null $minAge

the minimum age (in seconds) of the records (specify NULL delete all records)

Return Value

int

the number of records deleted

at line 532
int deleteAutomaticDenylist(bool $onlyExpired = true)

Clear the IP addresses automatically denylisted.

Parameters

bool $onlyExpired

Return Value

int

the number of records deleted

at line 559
string getErrorMessage()

Get the (localized) message telling the users that their IP address has been banned.

Return Value

string

at line 579
IpAccessControlRange|null getRange(AddressInterface $ipAddress = null)

No description

Parameters

AddressInterface $ipAddress

Return Value

IpAccessControlRange|null